Reliability of sequential systems using the causeconsequence diagram method
|
|
- Berniece Davis
- 5 years ago
- Views:
Transcription
1 Loughborough University Institutional Repository Reliability of sequential systems using the causeconsequence diagram method This item was submitted to Loughborough University's Institutional Repository by the/an author. Citation: ANDREWS, J.D. and RIDLEY, J.M., Reliability of sequential systems using the causeconsequence diagram method. Proceedings of the Institution of Mechanical Engineers, Part E : Journal of Process Mechanical Engineering, 215 (3), pp Additional Information: This article was published in the journal, Proceedings of the Institution of Mechanical Engineers, Part E : Journal of Process Mechanical Engineering [ c IMechE] and is also available at: Metadata Record: Publisher: c IMechE / Professional Engineering Publishing Please cite the published version.
2 This item was submitted to Loughborough s Institutional Repository ( by the author and is made available under the following Creative Commons Licence conditions. For the full text of this licence, please go to:
3 207 Reliability of sequential systems using the cause consequence diagram method J D Andrews and L M Ridley* Department of Mathematical Sciences, Engineering Mathematics Division, Loughborough University, Leicestershire, UK Abstract: In many industrial systems, where safety is of the utmost importance, it is necessary that expedient tools for accident analysis are available and employed at the design stage. Such tools must be able to handle large systems in a systematic way and display the factors that are of vital importance for the functionality of the system. The technique of fault tree analysis (FTA) is commonly used to assess the failure probability of such systems. The fault tree represents the failure logic of the system in an inverted tree structure and has the advantage that it provides very good documentation of the way the failure logic was developed. Conventional fault tree quanti cation requires a number of assumptions regarding the system. One of these is that the basic events in the tree occur independently. This condition is not satis ed when sequential failures are encountered. Employing alternative methods, such as Markov methods, can result in the loss of the documentation that represents the failure logic of the system. The cause consequence diagram method is a tool that, like fault tree analysis, documents the failure logic but has the extra capability enabling the analysis of systems subject to sequential failures. In addition, the cause consequence diagram identi es the complete set of system responses to any given initiating event. This paper is concerned with the cause consequence diagram method and its application to sequentially operating systems. It extends previous work by providing more rigorous guidelines to enable the construction of the diagram and an analysis methodology that can be used when dependencies exist between the events featured in the decision boxes. A new symbol distinguishing between events that exist at a speci ed point in time and those that occur at that time is introduced to facilitate the analysis. Keywords: cause consequence analysis, fault tree analysis, dependencies 1 INTRODUCTION When investigating potential accident sequences, the time between the occurrences of events can be an important parameter [1]. This type of system could be characterized as one with various shutdown mechanisms that are initiated given the presence of some initiating event, e.g. when a pressure limit is exceeded. In order to identify all relevant accidents for a such a system, Nielsen stated that the safety assessment tool used must be able to determine the possible causes of the accident The MS was received on 15 June 2000 and was accepted after revision for publication on 17 May *Corresponding author: Department of Mathematical Sciences, Engineering Mathematics Division, Loughborough University, Loughborough, Leicestershire LE11 3TU, UK. event and identify the possible consequences given that one or more of the accident limiting provisions could fail. The technique of fault tree analysis (FTA) [2] is commonly used to assess the probability of failure of industrial systems. This method represents the failure logic of the system in an inverted tree structure and provides very good documentation of the way that the system failure logic was developed. The FTA technique, however, is incapable of identifying both the possible causes of an undesirable event AND all the possible consequences resulting from it. In addition to this, the FTA method cannot accurately analyse systems containing sequential failures. Markov models [3] do not require the assumption of independence, as with the FTA method, and can therefore be used accurately to analyse sequential failures. This modelling technique describes the system in a state transition diagram. The state E03200 Ó IMechE 2001 Proc Instn Mech Engrs Vol 215 Part E
4 208 L M RIDLEY AND J D ANDREWS transition diagram is not as easy to construct as a fault tree and contains no textual description regarding the failure logic of the system. As with the FTA method, the Markov analysis method has the ability to identify the possible causes of the undesirable events yet is incapable of identifying all the possible consequences resulting from it. A technique has been developed that possesses the ability to identify the causes of an undesired event and from this event develop all possible system consequences. The technique is known as the cause consequence diagram method. The cause consequence diagram method was developed at RISO National Laboratories, Denmark, in the 1970s, speci cally to aid in the reliability and risk analysis of nuclear power plants in Scandinavian countries [4]. The method was created to assist in the cause consequence accident analysis of the nuclear plants, which involved identi cation of the potential modes of failure of individual components and then relating these causes to the ultimate consequences for the system [5]. The method can be seen as superior to event tree analysis (ETA) [4], which is also capable of identifying all consequences of a given critical event, as it models at component level and therefore is functionality driven and not subsystem driven. In addition to this, the cause consequence diagram method can account for time delays, which is not a feature available in the ETA method. Nielsen stated that, as well as being a tool for illustrating the consequences of particular failures, the method could also serve as a basis from which the probability of occurrence of the individual consequences could be evaluated. The consequences evaluated include those that illustrate the system functioning as intended and those that illustrate an undesirable failure sequence. Several authors have used the technique as the main analysis tool for a safety assessment [6 9]. However, the documentation of the quanti cation of the cause consequence diagram is limited and a generalized analysis method or even rigorous de nitions of the meaning of the symbols to enable quanti cation is yet to be developed. This is the subject considered in this paper. Rules for construction and quanti cation of the cause consequence diagram have been developed and applied to an industrial system. The quanti cation method developed can be automated for computerized system assessment and has the capability to deal with dependencies that can occur when analysing systems whose operation is sequential. These dependencies include component failures that are repeated as causes of more than one decision box event. The occurrence of such a common event therefore in uences the outcome of more than one of the decision boxes in any path. A second class of dependent events encompasses those events whose failures are inconsistent, and the occurrence of a speci c component failure mode excludes the possibilities of other components failing, which feature in other parts of the diagram and are therefore mutually exclusive. 2 CAUSE CONSEQUENCE DIAGRAM METHOD The main principle of the cause consequence diagram technique is based on the occurrence of a critical event, i.e. an event that disturbs the balance of the process plant. The identi cation of the critical event is problem dependent, and choosing the correct place to start is important as there are very many possible initial events, not all of which have serious consequences. Focus should therefore only be made on functional failures of process components that directly affect the plant balance. Once a critical event has been identi ed, all relevant causes of the critical event and potential consequences are developed using two conventional reliability analysis methods. This situation is represented in Fig. 1. The two reliability analysis tools used in the development of the cause consequence diagram method are the FTA method and the ETA method. The FTA method is used in two independent situations to describe the causes of an undesired event. Firstly, the technique is used to describe the causes of the critical event. The second function for the fault tree method is to describe the failure causes of the accident-limiting systems (emergency shutdown systems). The event tree method is used as the link between the causes of the critical event and the various consequences that could result. The method is used to identify the various paths that the system could take, following the critical event, depending on whether certain subsystems/components function correctly or not. The relationship between the two reliability methods is shown in Fig. 2. Fig. 1 Simple representation of a cause consequence diagram structure Proc Instn Mech Engrs Vol 215 Part E E03200 Ó IMechE 2001
5 RELIABILITY OF SEQUENTIAL SYSTEMS 209 Fig. 2 Basic structure of a cause consequence diagram 3 SYMBOLS FOR CONSTRUCTION The symbols used for the construction of a cause consequence diagram are depicted in Table 1. The overall structure of the cause consequence diagram method is depicted in Fig RULES FOR CONSTRUCTION Rules for the construction of a cause consequence diagram can be detailed in two separate sections, those for the cause part of the diagram and those for the consequence part of the diagram. For the cause part it should be noted that the rules postulated are those used in the construction of a fault tree structure. The rules for the construction of the cause diagram can be summarized as a three-step procedure: 1. Identi cation of the top event. The construction of the cause diagram begins with the de nition of the undesired event, i.e. the system failure of interest. 2. Cause diagram development. Using a deductive process, the causes of the undesired event are discovered and connected by means of logical gates. The procedure is repeated until all events have been fully developed, i.e. the basic events are reached. 3. Validation of the diagram. For each gate used, all inputs must be both necessary and suf cient to produce the output event. Similarly, a set of rules were devised for the construction of the consequence diagram: 1. Component ordering. The rst step of the cause consequence diagram construction is deciding on the order in which component failure events are to be taken. To ensure a logical development of the causes of the system failure mode, it was decided that the ordering should follow the temporal action of the system, for example the system activation for the function required given an initial critical event. 2. Consequence diagram development. The second stage involves the actual construction of the diagram. Starting from the initiating component, the functionality of each component or subsystem is investigated and the consequences of these sequences determined. If the decision box is governed by a subsystem, then the probability of failure will be obtained via a fault tree diagram. 3. Reduction. If any decision boxes are deemed irrelevant, for example the boxes attached to the NO and YES branches are identical and their outcomes and consequences are the same, then these should be removed and the diagram reduced to a minimal form. Removal of these boxes will in no way affect the end result. 5 RULES FOR QUANTIFICATION The procedure for analysing an independent system modelled using a cause consequence diagram begins with the assignment of probabilities/frequencies to each outlet branch stemming from a decision box. Following this, the probability of any one sequence is obtained by multiplication of the probabilities associated with each decision box in that sequence [10]. The probability of any particular consequence is then obtained by the summation of the probability of each sequence that terminates in that consequence. This procedure, however, cannot be employed unless the failures of each decision box in a sequence are independent. Dependencies can exist in the cause consequence diagram, and these must be dealt with prior to the quanti cation of the diagram. 5.1 Rules for dependent failure events Common failure events The rst dependency that can arise is that the same failure event exists in more than one fault tree structure on the same path in the cause consequence diagram. In order to deal with a common failure event, the event is extracted from the fault tree structures and placed in a new decision box preceding the rst decision box that contains the common failure event. The original cause consequence diagram is then duplicated on each outlet branch stemming from the new decision box. Following the NO outlet branch of the new decision box, the failure event is set to TRUE in any fault tree structure in which it is found. Similarly, following the YES outlet branch, the E03200 Ó IMechE 2001 Proc Instn Mech Engrs Vol 215 Part E
6 210 L M RIDLEY AND J D ANDREWS Symbols for cause diagram Table 1 Symbols used for construction of a cause consequence diagram Function description AND GATE: Allows causality to pass up through the tree if at any time all inputs to the gate occur OR GATE: Allows causality to pass up through the tree if at any time at least one input to the gate occurs Symbol for consequence diagram Function description The decision box represents the functionality of a component/ system. The NO box represents failure to perform correctly, the probability of which is obtained via a fault tree or single component failure probability q i Fault tree arrow represents the number of the fault tree structure that corresponds to the decision box The initiator triangle represents the initiating event for a sequence where l indicates the rate of occurrence Time delay 1 indicates that the time starts from the time at which the delay symbol is entered and continues up to the end of the time interval in the delay symbol OR gate symbol: Used to simplify the cause consequence diagram when more than one decision box enters the same decision box or consequence box Existence decision box represents a component existing in a certain state Consequence box represents the outcome event due to a particular sequence of events Proc Instn Mech Engrs Vol 215 Part E E03200 Ó IMechE 2001
7 RELIABILITY OF SEQUENTIAL SYSTEMS 211 Fig. 3 Cause consequence diagram structure probability of failure of the common failure event is set to FALSE in any fault tree structure in which it is present Inconsistent failure events In certain systems, components are required to perform different functions which, if successfully accomplished, results in the components residing in different states at different times. For example, initially a valve may be required to be closed and later in the sequence be open. For systems that are not in continuous operation, certain component failures could occur between operations. For example, the valve could fail between operations, which would be the cause of the valve being closed at the start of the next sequence, and later in the sequence the valve would be unable to open. To illustrate this, the simple cause consequence diagram section shown in Fig. 4 can be utilized with the relevant fault trees depicted in Fig. 5. In this example, the component K2 is required to perform two different functions; rstly to close-decision box 1, and then, later in the sequence, to open-decision box 3. In order to model this type of failure accurately, the cause consequence diagram requires modi cation E03200 Ó IMechE 2001 Proc Instn Mech Engrs Vol 215 Part E
8 212 L M RIDLEY AND J D ANDREWS Fig. 4 Example cause consequence diagram prior to quanti cation. Employing a basic event labelling convention in a fault tree structure can be used to identify an inconsistent failure event. If two labels are the same apart from the last character, then they are deemed as inconsistent failure events and the rst failure event represents the decision box containing the rst failure mode and the second failure event represents the decision box containing the second failure mode. This can be seen for the cause consequence diagram in Fig. 4, where Ft1 contains the basic event K2CO, the rst failure mode, and Ft3 contains the basic event K2CC, the second failure mode. Following the identi cation of an inconsistent failure event, the second failure mode is inspected and, depending on whether the second failure mode is an unrevealed or revealed failure event, the cause consequence diagram is different. If the second failure mode is a revealed failure, then it cannot fail between operations and be undetected. Therefore, the time to failure of the second failure mode is set equal to the time it takes the system to travel from the rst failure event to the second failure event. If, on the other hand, the second failure mode is unrevealed, then it can occur between operations and be undetected. When this situation occurs, the second failure mode is extracted and placed in an existence decision box preceding the rst failure event. The cause consequence diagram is then duplicated on both outlet branches and, following the YES outlet branch of the existence decision box, the decision box containing the rst failure mode is governed by the failure of the second failure mode. The second failure mode probability is set equal to 1 in all decision boxes beneath the existence decision box, and the rst failure mode is set equal to 0. Therefore, for Fig. 4, assuming K2CC is an unrevealed failure event, the cause consequence diagram illustrated in Fig. 6 would be created and reduced to the form shown in Fig. 7. Following the NO outlet branch of the existence decision box results in the same scenario as if the failure had in fact been a revealed failure. Therefore, the second failure event occurs in the time it takes the system to travel from the rst failure event to the second failure event. Following the inspection of each sequence path in the cause consequence diagram, and modi cation due to any identi ed dependent failure events, the cause consequence diagram can be quanti ed by multiplying the probability associated with each decision box in each sequence. The probability of any consequence is then obtained via the summation of the probability of any sequence that terminates in that consequence. 6 PRESSURE TANK SYSTEM The system used to illustrate the construction of a cause consequence diagram is a pressure tank system that contains a start-up, shutdown sequence in addition to its operational phase [11]. The system con guration is given in Fig. 8 and the component individual functions and failure modes are represented in Table 2. Initially, the system is considered to be in a dormant state and therefore de-energized. Switch S1 and relay contacts K1 and K2 are all open when in the dormant state, and the timer and pressure switch contacts are Fig. 5 Fault trees for the example cause consequence diagram Proc Instn Mech Engrs Vol 215 Part E E03200 Ó IMechE 2001
9 RELIABILITY OF SEQUENTIAL SYSTEMS 213 Fig. 6 Modi ed cause consequence diagram for inconsistent failure modes closed. Depressing switch S1 provides power to the coil of K1 which results in the closure of the K1 contacts. Relay K1 self-latches when S1 opens when released, and power is also supplied to K2, resulting in K2 contacts closing, which starts the pump motor. It is assumed that the tank takes 30 min to ll, and once the pressure threshold is reached the pressure switch contacts open, de-energizing K2, which results in the removal of power from the pump motor. After a period of time the tank becomes empty and the pressure switch closes, which energizes K2. The pump restarts and the lling process commences again. The tank is lled twice daily and the system is inspected at 6 monthly intervals for dormant failures. In the event of the pressure switch failing to open, a safety feature is included in the form of the timer relay. Power is applied to the timer relay following the closure of the K1 contacts, which initiates a clock. If the clock registers 30 min of continuous pumping, then the timer relay contacts are opened which results in a break in the circuit to K1 and system shutdown. The rules developed for the construction of a cause Fig. 7 Reduced cause consequence diagram for inconsistent failure modes E03200 Ó IMechE 2001 Proc Instn Mech Engrs Vol 215 Part E
10 214 L M RIDLEY AND J D ANDREWS Fig. 8 Pressure tank system consequence diagram were used to construct the cause consequence diagram for the pressure tank system: Step 1. Component failure event ordering. The ordering of the components for the construction of the cause consequence diagram is selected by considering the temporal patterns of the system. For the pressure tank system, switch S1 is depressed, followed by its opening. Relay K1 energizes and powers K2 which powers the pump. Following 30 min of operation, the pressure switch should open. In the event that the pressure switch fails to open, the timer should time out and the timer contacts open. Given that the pressure switch opens, K2 contacts should de-energize, remov- Table 2 Component functions and failure modes Component Function Failure modes Effect on system Failure type Switch S1 To apply power to coil of relay K1 S1C: Switch failed closed Circuit remains energized but can Unrevealed be broken by K2 S1O: Switch failed open No power to energize circuit Revealed Relay K1 Electrically self-latched, applying power to relay K2 K1D: Relay fails de-energized No power to circuit Revealed K1CC: Contact fails closed Circuit remains energized but can Unrevealed be broken by K2 K1CO: Contact fails open No power to circuit Revealed Relay K2 Delivers power to the motor K2D: Relay fails de-energized No power to motor Revealed K2CC: Contact fails closed Continuous power to motor Revealed K2CO: Contact fails open No power to motor Revealed Timer relay (TIM) Pressure switch (PRSW) Provides emergency shutdown in event of pressure switch failing De-energizes coil of K2 when tank is full TIMCC: Timer contact fails closed TIMCO: Timer contact fails open Circuit energized but PRSW can open No power to motor Unrevealed Revealed PSWC: Fails closed Continuous power to motor Revealed PSWO: Fails open No power to motor Revealed Fuse To prevent power surge F: Fails broken No power to motor Revealed Power supplies 1 and 2 Supplies power to relays and motor PS1, PS2: No power No power to motor Revealed Motor Pumps uid into tank M: Fails broken No power to pump Revealed Proc Instn Mech Engrs Vol 215 Part E E03200 Ó IMechE 2001
11 RELIABILITY OF SEQUENTIAL SYSTEMS 215 Fig. 9 Cause consequence diagram for the pressure tank system ing power from the pump. Where the timer is required to break the circuit containing K1, K1 contacts should de-energize, removing power from K2, which results in the removal of the power supply to the pump. The ordering was therefore chosen to be S1, K1, K2, pressure switch, timer relay, K1, K2 It can be seen that the components K1 and K2 both occur twice in the ordering sequence. This is the result of the system containing two different phases, and hence some components perform different actions in each different phase. The components K1 and K2 are both required to close in the start-up sequence and open in the shutdown sequence. Steps 2 and 3. Cause consequence diagram construction and reduction. The cause consequence diagram was constructed by considering the effect of each component in the chosen order on the system performance. In order to highlight relevant features, only one lling sequence is investigated, the cause consequence diagram of which is given in Fig. 9. The corresponding fault trees are illustrated in Fig SYSTEM QUANTIFICATION Prior to multiplying the probabilities associated with each decision box in each sequence, the cause consequence diagram was checked for any dependent failure events. The following dependent failure events were identi ed* 1. Inconsistent failure event present in Ft1 and Ft2 as the switch is required to close, represented by decision box 1, and then open, represented by decision box 2. The second failure event, SIFC, is an unrevealed failure * Following each of the seven modi cations outlined, the cause consequence diagram may change. These changes result in the duplication of certain parts of the diagram that may contain the inconsistent failures mentioned; e.g. the inconsistent failures detailed in 2 and 3 occur more than once and are handled in an identical manners. E03200 Ó IMechE 2001 Proc Instn Mech Engrs Vol 215 Part E
12 216 L M RIDLEY AND J D ANDREWS Fig. 10 Fault trees for the pressure tank cause consequence diagram event (Table 2) and is therefore extracted and placed in an existence decision box preceding decision box 1. The cause consequence diagram is modi ed using the procedure detailed in Section Inconsistent failure event present in Ft3 and Ft5 as the pressure switch is required to be closed and then open. The second failure event, PSWC, is a revealed failure event (Table 2) and the time to failure of PSWC is set equal to 30 min (the lling time). 3. Inconsistent failure event present in Ft3 and Ft6 as K2 contacts are required to close and, following the tank ll, open. The second failure event, K2CC, is a revealed failure event (Table 2) and the time to failure of K2CC is set equal to 30 min (the lling time). 4. Common failure event present in Ft7 and Ft8. PS1 is extracted and placed in a new decision box preceding decision box 7. The cause consequence diagram is modi ed following the procedure detailed in Section Inconsistent failure event present in Ft7 and Ft12 as K1 contacts are required to close and then open. The second failure event, K1CC, is an unrevealed failure event (Table 2) and is therefore extracted and placed in an existence decision box. The cause consequence diagram is modi ed using the procedure detailed in Section Inconsistent failure event present in Ft7 and Ft11 as the timer contacts are closed and may be required to open later in the sequence. The second failure event, TIMCC, is an unrevealed failure event (Table 2) and is therefore extracted and placed in an existence decision box. The cause consequence diagram is modi ed using the procedure detailed in Section Following the appropriate modi cation owing to the dependent failure events identi ed, the nal cause consequence diagram was developed and is shown in Figs 11 and 12, with the corresponding fault trees given in Fig. 13. The probability of the system entering an overpressurized state was obtained using the component failure data shown in Table 3. The system functions twice daily and therefore the time between operations is 12 h. The probability of failure for revealed failures between operations was hence obtained using equation (1) with t ˆ 12 h. For unrevealed failures the probability of failure was obtained using y and t, given in Table 3, and equation (2): Q ˆ 1 e lt Q AV ˆ l y 2 t 1 2 The probability of each fault tree was calculated using the inclusion exclusion method (7), and the probability of overpressure was obtained by summing the probabilities of any sequence that terminated in the consequence O. There existed 12 such paths, and the probability of overpressure was calculated to equal In addition to obtaining the probability of overpressure, the probability of the tank being empty, a safe operation and a normal operation can also be calculated and shown to equal P (normal operation) ˆ 0:766 P (safe operation) ˆ 0:2213 P (empty tank) ˆ 1: Proc Instn Mech Engrs Vol 215 Part E E03200 Ó IMechE 2001
13 RELIABILITY OF SEQUENTIAL SYSTEMS 217 Fig. 11 First page of the nal cause consequence diagram for the pressure tank system E03200 Ó IMechE 2001 Proc Instn Mech Engrs Vol 215 Part E
14 218 L M RIDLEY AND J D ANDREWS Fig. 12 Second page of the nal cause consequence diagram for the pressure tank system Proc Instn Mech Engrs Vol 215 Part E E03200 Ó IMechE 2001
15 RELIABILITY OF SEQUENTIAL SYSTEMS 219 Fig. 13 Fault tree structures for Figs 11 and 12 8 CONCLUSIONS The main advantage of the FTA method is that the failure logic of a system is well documented on the fault tree structure. Conventional fault tree quanti cation, however, requires a number of assumptions, which renders the analysis of sequential or dependent systems inaccurate. For such systems, an accurate analysis can be obtained via a Markov model, but the state transition diagram used in the Markov analysis holds no textual description regarding the failure logic of the system. The cause consequence diagram method enables Table 3 Failure data for pressure tank system Component Failure rate Inspection interval, y Mean time to repair, t Switch S1 S1FC: S1FO: NA NA Relay K1 K1D: NA NA K1CC: K1CO: NA NA Relay K2 K2D: NA NA K2CC: NA NA K2CO: NA NA Timer relay TCC: TCO: NA NA Pressure switch PSWC: NA NA PSWO: NA NA Fuse F: : NA NA Power supplies 1 and 2 PS1: NA NA PS2: NA NA Motor M: NA NA E03200 Ó IMechE 2001 Proc Instn Mech Engrs Vol 215 Part E
16 220 L M RIDLEY AND J D ANDREWS sequential or dependent systems to be modelled accurately with the retention of the failure logic for the system. In addition to this, more than one consequence can be modelled at a time as the cause consequence diagram documents all system outcomes from a given critical event. In order to extend the capabilities of the cause consequence diagram method, a list of construction and quanti cation rules have been developed and illustrated using an example system. In particular, this paper provides more rigorous de nitions of the symbols used and the approach to be adopted to construct the cause consequence diagram. A new symbol is introduced to distinguish between events that exist at a speci ed time and those that occur at that time. Once the cause consequence diagram is constructed, its quanti cation can be complicated by dependencies between the events represented by the decision boxes. An approach to resolving this problem is given that can be automated within a computational analysis methodology. Dependencies attributed to either repeated events or inconsistent events can be accounted for in this way. REFERENCES 1 Nielsen, D. S. The cause/consequence diagram method as a basis for quantitative accident analysis. Danish Atomic Energy Commission, RISO-M-1374, May Andrews, J. D. and Moss, T. R. Reliability and Risk Assessment, 1993 (Longmans). 3 Billington, R. and Allan, R. Reliability Evaluation of Engineering Systems, 1983 (Pitman, London). 4 Villemeur, A. Reliability, Availability, Maintainability and Safety Assessment, 1991 (John Wiley, Chichester). 5 Nielsen, D. S. and Runge, B. Unreliability of a standby system with repair and imperfect switching. IEEE Trans. On Reliability, April 1974, 23, Taylor, J. R. Interlock design using fault tree analysis and cause consequence analysis. RISO-M-1890, Nielsen, D. S., Platz, O. and Runge, B. A cause consequence chart of a redundant protection system. IEEE Trans. On Reliability, April 1975, 24(1). 8 Nielsen, D. S., Platz, O. and Kongs, H. E. Reliability analysis of proposed instrument air system. RISO-M-1903, April Nielsen, D. S. Use of cause consequence charts in practical systems analysis. Reliability and Fault Tree Analysis, 1975, pp (SIAM). 10 Hickling, P. The use of cause consequence diagrams for the reliability analysis of sequentially operating systems. British Gas Report, Hassl, D. F., Roberts, N. H., Vesely, W. E. and Goldberg, F. F. Fault Tree Handbook, 1981, NUREG-0492 (US Nuclear Regulatory Commission). Proc Instn Mech Engrs Vol 215 Part E E03200 Ó IMechE 2001
Analysis methods for fault trees that contain secondary failures
Loughborough University Institutional Repository Analysis methods for fault trees that contain secondary failures This item was submitted to Loughborough University's Institutional Repository by the/an
More informationof an algorithm for automated cause-consequence diagram construction.
Loughborough University Institutional Repository Development of an algorithm for automated cause-consequence diagram construction. This item was submitted to Loughborough University's Institutional Repository
More informationApplication of the Cause-Consequence Diagram Method to Static Systems
Application of the ause-onsequence Diagram Method to Static Systems L.M.Ridley and J.D.Andrews Department of Mathematical Sciences Loughborough University Loughborough Leicestershire LE11 3TU Keywords:
More informationA binary decision diagram method for phased mission analysis of non-repairable systems
Loughborough University Institutional Repository binary decision diagram method for phased mission analysis of non-repairable systems This item was submitted to Loughborough University's Institutional
More informationAssessing system reliability through binary decision diagrams using bayesian techniques.
Loughborough University Institutional Repository Assessing system reliability through binary decision diagrams using bayesian techniques. This item was submitted to Loughborough University's Institutional
More informationRisk Analysis of Highly-integrated Systems
Risk Analysis of Highly-integrated Systems RA II: Methods (FTA, ETA) Fault Tree Analysis (FTA) Problem description It is not possible to analyse complicated, highly-reliable or novel systems as black box
More informationCausal & Frequency Analysis
Causal & Frequency Analysis Arshad Ahmad arshad@utm.my Fishbone Diagram 2 The Cause and Effect (CE) Diagram (Ishikawa Fishbone) Created in 1943 by Professor Kaoru Ishikawa of Tokyo University Used to investigate
More informationA comparison of modelling approaches for the time-limited dispatch (TLD) of aircraft
Loughborough University Institutional Repository A comparison of modelling approaches for the time-limited dispatch (TLD) of aircraft This item was submitted to Loughborough University's Institutional
More informationA ternary decision diagram method to calculate the component contributions to the failure of systems undergoing phased missions
73 A ternary decision diagram method to calculate the component contributions to the failure of systems undergoing phased missions J D Andrews Department of Aeronautical and Automotive Engineering, Loughborough
More informationSafety analysis and standards Analyse de sécurité et normes Sicherheitsanalyse und Normen
Industrial Automation Automation Industrielle Industrielle Automation 9.6 Safety analysis and standards Analyse de sécurité et normes Sicherheitsanalyse und Normen Prof Dr. Hubert Kirrmann & Dr. B. Eschermann
More informationOn Qualitative Analysis of Fault Trees Using Structurally Persistent Nets
On Qualitative Analysis of Fault Trees Using Structurally Persistent Nets Ricardo J. Rodríguez rj.rodriguez@unileon.es Research Institute of Applied Sciences in Cybersecurity University of León, Spain
More informationA SYSTEMATIC INCLUSION OF DIAGNOSIS PERFORMANCE IN FAULT TREE ANALYSIS
SYSTEMTIC INCLUSION OF DIGNOSIS PERFORMNCE IN FULT TREE NLYSIS Jan Åslund, Jonas Biteus, Erik Frisk, Mattias Kryser, Lars Nielsen Department of Electrical Engineering, Linköpings universitet, 58 83 Linköping,
More information12 - The Tie Set Method
12 - The Tie Set Method Definitions: A tie set V is a set of components whose success results in system success, i.e. the presence of all components in any tie set connects the input to the output in the
More informationEvaluating the Core Damage Frequency of a TRIGA Research Reactor Using Risk Assessment Tool Software
Evaluating the Core Damage Frequency of a TRIGA Research Reactor Using Risk Assessment Tool Software M. Nematollahi and Sh. Kamyab Abstract After all preventive and mitigative measures considered in the
More informationSafety and Reliability of Embedded Systems
(Sicherheit und Zuverlässigkeit eingebetteter Systeme) Fault Tree Analysis Mathematical Background and Algorithms Prof. Dr. Liggesmeyer, 0 Content Definitions of Terms Introduction to Combinatorics General
More informationRELIABILITY ANALYSIS OF PISTON MANUFACTURING SYSTEM
Journal of Reliability and Statistical Studies; ISSN (Print): 0974-8024, (Online):2229-5666 Vol. 4, Issue 2 (2011): 43-55 RELIABILITY ANALYSIS OF PISTON MANUFACTURING SYSTEM Amit Kumar and Sneh Lata School
More informationFailures in Process Industries
Fault Tree Analysis Failures in Process Industries Single Component Failure Data for failure rates are compiled by industry Single component or single action Multiple Component Failure Failures resulting
More informationA Reliability Simulation of Warm-fund and Redundancy Repairable System
A Reliability Simulation of Warm-fund and Redundancy Repairable System Shouzhu Wang Department of Science, Yanshan University(west campus) PO box 1447, E-mail: wangshouzhu08@126.com Xianyun Meng (Corresponding
More informationDegraded Performance Analysis of Phased Mission System
5 th International & 26 th All India Manufacturing Technology, Design and Research Conference (AIMTDR 2014) December 12 th 14 th, 2014, IIT Guwahati, Assam, India Degraded Performance Analysis of Phased
More informationNuclear reliability: system reliabilty
Nuclear reliability: system reliabilty Dr. Richard E. Turner (ret26@cam.ac.uk) December 3, 203 Goal of these two lectures failures are inevitable: need methods for characterising and quantifying them LAST
More informationOverview of Control System Design
Overview of Control System Design General Requirements 1. Safety. It is imperative that industrial plants operate safely so as to promote the well-being of people and equipment within the plant and in
More informationApplication of Common Cause Failure Methodology to Aviation Safety Assessment Model
Application of Common Cause Failure Methodology to Aviation Safety Assessment Model Seungwon Noh Systems Engineering and Operations Research George Mason University Fairfax, VA, USA snoh2@gmu.edu Abstract
More informationQuantitative Reliability Analysis
Quantitative Reliability Analysis Moosung Jae May 4, 2015 System Reliability Analysis System reliability analysis is conducted in terms of probabilities The probabilities of events can be modelled as logical
More informationReliability Analysis of Hydraulic Steering System with DICLFL Considering Shutdown Correlation Based on GO Methodology
2015 ICRSE&PHM-Beijing Reliability Analysis of Hydraulic Steering System with DICLFL Considering Shutdown Correlation Based on GO Methodology YI Xiaojian, SHI Jian, MU Huina, DONG Haiping, GUO Shaowei
More informationUNAVAILABILITY CALCULATIONS WITHIN THE LIMITS OF COMPUTER ACCURACY ABSTRACT
(Vol.2) 29, December UNAVAILABILITY CALCULATIONS WITHIN THE LIMITS OF COMPUTER ACCURACY R. Briš Technical University of Ostrava, Faculty of Electrical Engineering and Computer Science, Ostrava, Czech Republic
More informationA New Reliability Allocation Method Based on FTA and AHP for Nuclear Power Plant!
A New Reliability Allocation Method Based on FTA and AHP for Nuclear Power Plant! Presented by Rongxiang Hu Contributed by FDS Team Institute of Nuclear Energy Safety Technology (INEST) Chinese Academy
More informationAP1000 European 19. Probabilistic Risk Assessment Design Control Document
19.15 Chemical and Volume Control System 19.15.1 System Description See subsection 9.3.6.2. 19.15.2 System Operation See subsection 9.3.6.4. 19.15.3 Performance during Accident Conditions See subsection
More informationDevelopment of Multi-Unit Dependency Evaluation Model Using Markov Process and Monte Carlo Method
Development of Multi-Unit Dependency Evaluation Model Using Markov Process and Monte Carlo Method Sunghyon Jang, and Akira Yamaguchi Department of Nuclear Engineering and Management, The University of
More informationSYNTHETIC TREE MODEL A FORMAL METHODOLOGY FOR FAULT TREE CONSTRUCTION A THESIS. Presented to. The Faculty of the Division of Graduate
In presenting the dissertation as a partial fulfillment of the requirements for an advanced degree from the Georgia Institute of Technology, I agree that the Library of the Institute shall make it available
More informationSection 5. TADS Data Reporting Instruction Manual DRAFT Section 5 and Associated Appendices With Proposed Event Type Numbers
Section 5 TADS Data Reporting Instruction Manual DRAFT Section 5 and Associated Appendices With Proposed Event Type Numbers Rev. 5/10/2010 1 Section 5 Form for Event ID and Event Type Number Data TO s
More informationPROBABILISTIC AND POSSIBILISTIC FAULT TREE ANALYSIS
PROBABILISTIC AD POSSIBILISTIC FAULT TREE AALYSIS M. Ragheb 12/28/2017 ITRODUCTIO In the design of nuclear power plants, it is important to analyze the probable and possible mechanisms of failure. Fault
More informationStatic risk mapping using a Geographic Information System
Loughborough University Institutional Repository Static risk mapping using a Geographic Information System This item was submitted to Loughborough University's Institutional Repository by the/an author.
More informationSystems reliability for phased missions
Loughborough University Institutional Repository Systems reliability for phased missions This item was submitted to Loughborough University's Institutional Repository by the/an author. Additional Information:
More informationSafety and Reliability of Embedded Systems. (Sicherheit und Zuverlässigkeit eingebetteter Systeme) Fault Tree Analysis Obscurities and Open Issues
(Sicherheit und Zuverlässigkeit eingebetteter Systeme) Fault Tree Analysis Obscurities and Open Issues Content What are Events? Examples for Problematic Event Semantics Inhibit, Enabler / Conditioning
More informationModeling Common Cause Failures in Diverse Components with Fault Tree Applications
Modeling Common Cause Failures in Diverse s with Fault Tree Applications Joseph R. Belland, Isograph Inc. Key Words: Common Cause Failures, Fault Trees, Beta Factor SUMMARY & CONCLUSIONS A common cause
More informationASSESSMENT OF DYNAMIC PRA TECHNIQUES WITH INDUSTRY- AVERAGE COMPONENT PERFORMANCE DATA
ASSESSMENT OF DYNAMIC PRA TECHNIQUES WITH INDUSTRY- AVERAGE COMPONENT PERFORMANCE DATA Vaibhav Yadav*, Vivek Agarwal, Andrei V. Gribok, and Curtis L. Smith Idaho National Laboratory 2525 Fremont Avenue,
More informationFractal dimensions of computer simulated agglomerates
Loughborough University Institutional Repository Fractal dimensions of computer simulated agglomerates This item was submitted to Loughborough University's Institutional Repository by the/an author. Citation:
More informationMean fault time for estimation of average probability of failure on demand.
Mean fault time for estimation of average probability of failure on demand. Isshi KOYATA a *, Koichi SUYAMA b, and Yoshinobu SATO c a The University of Marine Science and Technology Doctoral Course, Course
More informationCommon Cause Failure (CCF)
Common Cause Failure (CCF) 건국대학교컴퓨터공학과 UC Lab. 정혁준 & 박경식 amitajung@naver.com, kyeongsik@konkuk.ac.kr Contents Common Cause Failure (CCF) Types of CCF Examples Reducing CCF Common Cause Failure (CCF) Definition
More informationReliability Analysis of Electronic Systems using Markov Models
Reliability Analysis of Electronic Systems using Markov Models István Matijevics Polytechnical Engineering College, Subotica, Serbia and Montenegro, matistvan@yahoo.com Zoltán Jeges Polytechnical Engineering
More informationReliability of Technical Systems
Reliability of Technical Systems Main Topics. Short Introduction, Reliability Parameters: Failure Rate, Failure Probability, etc. 2. Some Important Reliability Distributions 3. Component Reliability 4.
More informationAvailability analysis of nuclear power plant system with the consideration of logical loop structures
Availability analysis of nuclear power plant system with the consideration of logical loop structures MATSUOKA Takeshi 1, 2 1. Mechanical Systems Engineering, Department of Engineering, Utsunomiya University,
More informationLecture 5 Probability
Lecture 5 Probability Dr. V.G. Snell Nuclear Reactor Safety Course McMaster University vgs 1 Probability Basic Ideas P(A)/probability of event A 'lim n64 ( x n ) (1) (Axiom #1) 0 # P(A) #1 (1) (Axiom #2):
More informationDeveloping component models for automated functional testing
Loughborough University Institutional Repository Developing component models for automated functional testing This item was submitted to Loughborough University's Institutional Repository by the/an author.
More informationCommon Cause Failures: Extended Alpha Factor method and its Implementation
Common Cause Failures: Extended Alpha Factor method and its Implementation Alexandra Sitdikova Reactor Engineering Division, Jožef Stefan Institute Jamova 39, SI-1000 Ljubljana, Slovenia Institute of Physics
More informationChapter 5. System Reliability and Reliability Prediction.
Chapter 5. System Reliability and Reliability Prediction. Problems & Solutions. Problem 1. Estimate the individual part failure rate given a base failure rate of 0.0333 failure/hour, a quality factor of
More informationChapter 18 Section 8.5 Fault Trees Analysis (FTA) Don t get caught out on a limb of your fault tree.
Chapter 18 Section 8.5 Fault Trees Analysis (FTA) Don t get caught out on a limb of your fault tree. C. Ebeling, Intro to Reliability & Maintainability Engineering, 2 nd ed. Waveland Press, Inc. Copyright
More information1 Algebraic Methods. 1.1 Gröbner Bases Applied to SAT
1 Algebraic Methods In an algebraic system Boolean constraints are expressed as a system of algebraic equations or inequalities which has a solution if and only if the constraints are satisfiable. Equations
More informationAutomata with modulo counters and nondeterministic counter bounds
Loughborough University Institutional Repository Automata with modulo counters and nondeterministic counter bounds This item was submitted to Loughborough University's Institutional Repository by the/an
More informationQuantitative evaluation of Dependability
Quantitative evaluation of Dependability 1 Quantitative evaluation of Dependability Faults are the cause of errors and failures. Does the arrival time of faults fit a probability distribution? If so, what
More informationA set theoretic view of the ISA hierarchy
Loughborough University Institutional Repository A set theoretic view of the ISA hierarchy This item was submitted to Loughborough University's Institutional Repository by the/an author. Citation: CHEUNG,
More informationB.H. Far
SENG 637 Dependability, Reliability & Testing of Software Systems Chapter 3: System Reliability Department of Electrical & Computer Engineering, University of Calgary B.H. Far (far@ucalgary.ca) http://www.enel.ucalgary.ca/people/far/lectures/seng637/
More informationStudy on Quantification Methodology of accident sequences for Tsunami Induced by Seismic Events.
Study on Quantification Methodology of accident sequences for Tsunami Induced by Seismic Events 1 Keisuke Usui, 2 Hitoshi Muta, 3 Ken Muramatsu 1 Graduate Student, Corporative Major in Nuclear Energy:
More informationModule No. # 03 Lecture No. # 11 Probabilistic risk analysis
Health, Safety and Environmental Management in Petroleum and offshore Engineering Prof. Dr. Srinivasan Chandrasekaran Department of Ocean Engineering Indian Institute of Technology, Madras Module No. #
More informationAnalyzing system changes with importance measure pairs: Risk increase factor and Fussell-Vesely compared to Birnbaum and failure probability
Analyzing system changes with importance measure pairs: Risk increase factor and Fussell-Vesely compared to Birnbaum and failure probability Janne Laitonen*, Ilkka Niemelä Radiation and Nuclear Safety
More informationTime Dependent Analysis with Common Cause Failure Events in RiskSpectrum
Time Dependent Analysis with Common Cause Failure Events in RiskSpectrum Pavel Krcal a,b and Ola Bäckström a a Lloyd's Register Consulting, Stockholm, Sweden b Uppsala University, Uppsala, Sweden Abstract:
More informationLaser vibrometry on solid surfaces : the effects of laser speckle
Loughborough University Institutional Repository Laser vibrometry on solid surfaces : the effects of laser speckle This item was submitted to Loughborough University's Institutional Repository by the/an
More informationRISK-INFORMED OPERATIONAL DECISION MANAGEMENT (RIODM): RISK, EVENT TREES AND FAULT TREES
22.38 PROBABILITY AND ITS APPLICATIONS TO RELIABILITY, QUALITY CONTROL AND RISK ASSESSMENT Fall 2005, Lecture 1 RISK-INFORMED OPERATIONAL DECISION MANAGEMENT (RIODM): RISK, EVENT TREES AND FAULT TREES
More informationAP1000 European 7. Instrumentation and Controls Design Control Document
7.2 Reactor Trip 7.2.1 Description Considerations, such as mechanical or hydraulic limitations on equipment or heat transfer requirements on the reactor core, define a safe operating region for the plant.
More informationQuantification of Temporal Fault Trees Based on Fuzzy Set Theory
Quantification of Temporal Fault Trees Based on Fuzzy Set Theory Sohag Kabir, Ernest Edifor, Martin Walker, Neil Gordon Department of Computer Science, University of Hull, Hull, UK {s.kabir@2012.,e.e.edifor@2007.,martin.walker@,n.a.gordon
More informationCircuit Analysis and Ohm s Law
Study Unit Circuit Analysis and Ohm s Law By Robert Cecci Circuit analysis is one of the fundamental jobs of an electrician or electronics technician With the knowledge of how voltage, current, and resistance
More informationReliability of Technical Systems
Reliability of Technical Systems Main Topics 1. Short Introduction, Reliability Parameters: Failure Rate, Failure Probability, etc. 2. Some Important Reliability Distributions 3. Component Reliability
More informationDerogation Criteria for the Requirements for Generators Network Code
Derogation Criteria for the Requirements for Generators Network Code Decision Paper Reference: CER/17/084 Date Published: 13/04/2017 Closing Date: 0 Executive Summary Commission Regulation (EU) 2016/631
More informationReliability assessment of a digital electronic board assembly using the physics-of-failure approach: a case study
Loughborough University Institutional Repository Reliability assessment of a digital electronic board assembly using the physics-of-failure approach: a case study This item was submitted to Loughborough
More informationThe Applications of Inductive Method in the Construction of Fault Trees MENG Qinghe 1,a, SUN Qin 2,b
The Applications of Inductive Method in the Construction of Fault Trees MENG Qinghe 1,a, SUN Qin 2,b 1 School of Aeronautics, Northwestern Polytechnical University, Xi an 710072, China 2 School of Aeronautics,
More informationANALYSIS OF INDEPENDENT PROTECTION LAYERS AND SAFETY INSTRUMENTED SYSTEM FOR OIL GAS SEPARATOR USING BAYESIAN METHODS
ANALYSIS OF INDEPENDENT PROTECTION LAYERS AND SAFETY INSTRUMENTED SYSTEM FOR OIL GAS SEPARATOR USING BAYESIAN METHODS G. Unnikrishnan 1 *, Shrihari 2, Nihal A. Siddiqui 3 1 Department of Health, Safety
More informationQuality and Coverage of Data Sources
Quality and Coverage of Data Sources Objectives Selecting an appropriate source for each item of information to be stored in the GIS database is very important for GIS Data Capture. Selection of quality
More informationEngineering Risk Benefit Analysis
Engineering Risk enefit nalysis.55, 2.943, 3.577, 6.938, 0.86, 3.62, 6.862, 22.82 ESD.72J, ESD.72 RPR. The Logic of ertainty George E. postolakis Massachusetts Institute of Technology Spring 2007 RPR.
More informationTAKEHISA KOHDA 1 and KOICHI INOUE 2
International Journal of Performability Engineering, Vol. 1, No. 1, July 2005, pp. 65-78 RAMS Consultants Printed in India TAKEHISA KOHDA 1 and KOICHI INOUE 2 1 Dept. of Aeronautics and Astronautics Graduate
More informationReliability Evaluation of Engineering Systems:
Reliability Evaluation of Engineering Systems: Concepts and Techniques Roy Billinton PhD, DSc, FEIC, FRSC, FIEEE, PE c. J. MacKenzie Professor of Electrical Engineering University of Saskatchewan and Ronald
More informationTerminology and Concepts
Terminology and Concepts Prof. Naga Kandasamy 1 Goals of Fault Tolerance Dependability is an umbrella term encompassing the concepts of reliability, availability, performability, safety, and testability.
More informationENGR-4300 Fall 2008 Test 3. Name SOLUTION. Section 1(MR 8:00) 2(TF 2:00) (circle one) Question I (20 points) Question II (15 points)
ENGR-4300 Fall 008 Test 3 Name SOLUTION Section (MR 8:00) (TF :00) (circle one) Question I (0 points) Question II (5 points) Question III (0 points) Question I (0 points) Question (5 points) Total (00
More informationField data reliability analysis of highly reliable item
Field data reliability analysis of highly reliable item David Vališ & Zdeněk Vintr Faculty of Military Technologies University of Defence 612 00 Brno Czech Republic david.valis@unob.cz Miroslav Koucký
More informationarxiv: v1 [cs.lo] 7 Dec Department of Electrical and Computer Engineering,
Dynamic Fault Trees Analysis using an Integration of Theorem Proving and Model Checking Yassmeen Elderhalli 1, Osman Hasan 1,2, Waqar Ahmad 2 and Sofiène Tahar 1 arxiv:1712.02872v1 [cs.lo] 7 Dec 2017 1
More informationB.H. Far
SENG 521 Software Reliability & Software Quality Chapter 8: System Reliability Department of Electrical & Computer Engineering, University of Calgary B.H. Far (far@ucalgary.ca) http://www.enel.ucalgary.ca/people/far/lectures/seng521
More informationQuantitative evaluation of Dependability
Quantitative evaluation of Dependability 1 Quantitative evaluation of Dependability Faults are the cause of errors and failures. Does the arrival time of faults fit a probability distribution? If so, what
More informationModeling the sputter deposition of thin film photovoltaics using long time scale dynamics techniques
Loughborough University Institutional Repository Modeling the sputter deposition of thin film photovoltaics using long time scale dynamics techniques This item was submitted to Loughborough University's
More informationReduced-order modelling and parameter estimation for a quarter-car suspension system
81 Reduced-order modelling and parameter estimation for a quarter-car suspension system C Kim and PIRo* Department of Mechanical and Aerospace Engineering, North Carolina State University, Raleigh, North
More informationNonlinear dynamics of structures with propagating cracks
Loughborough University Institutional Repository Nonlinear dynamics of structures with propagating cracks This item was submitted to Loughborough University's Institutional Repository by the/an author.
More informationDesign of Control Modules for Use in a Globally Asynchronous, Locally Synchronous Design Methodology
Design of Control Modules for Use in a Globally Asynchronous, Locally Synchronous Design Methodology Pradnya Deokar Department of Electrical and Computer Engineering, VLSI Design Research Laboratory, Southern
More informationExperiment for Justification the Reliability of Passive Safety System in NPP
XIII International Youth Scientific and Practical Conference FUTURE OF ATOMIC ENERGY - AtomFuture 2017 Volume 2017 Conference Paper Experiment for Justification the Reliability of Passive Safety System
More informationAn algorithm for computing minimal bidirectional linear recurrence relations
Loughborough University Institutional Repository An algorithm for computing minimal bidirectional linear recurrence relations This item was submitted to Loughborough University's Institutional Repository
More informationMultiple abstraction levels in modelling product structures
Data & Knowledge Engineering 36 (2001) 55±78 www.elsevier.com/locate/datak Multiple abstraction levels in modelling product structures Tomi Mannisto *, Hannu Peltonen, Timo Soininen, Reijo Sulonen Product
More informationSystem Reliability Analysis. CS6323 Networks and Systems
System Reliability Analysis CS6323 Networks and Systems Topics Combinatorial Models for reliability Topology-based (structured) methods for Series Systems Parallel Systems Reliability analysis for arbitrary
More informationEE 445 / 850: Final Examination
EE 445 / 850: Final Examination Date and Time: 3 Dec 0, PM Room: HLTH B6 Exam Duration: 3 hours One formula sheet permitted. - Covers chapters - 5 problems each carrying 0 marks - Must show all calculations
More informationModified Berlekamp-Massey algorithm for approximating the k-error linear complexity of binary sequences
Loughborough University Institutional Repository Modified Berlekamp-Massey algorithm for approximating the k-error linear complexity of binary sequences This item was submitted to Loughborough University's
More informationChapter 6. a. Open Circuit. Only if both resistors fail open-circuit, i.e. they are in parallel.
Chapter 6 1. a. Section 6.1. b. Section 6.3, see also Section 6.2. c. Predictions based on most published sources of reliability data tend to underestimate the reliability that is achievable, given that
More informationPractical Investigation
colinhop@bigpond.net.au Physics Revision 2017 333 Practical Investigation independent, dependent and controlled variables Definitions Independent, dependent and controlled variables The independent variable
More informationASTRA 3.0: LOGICAL AND PROBABILISTIC ANALYSIS METHODS
ASTRA 3.: LOGICAL AND PROBABILISTIC ANALYSIS METHODS Description of the main phases and algorithms of the fault tree analysis procedure implemented in ASTRA 3. Sergio Contini and Vaidas Matuzas EUR 2452
More informationBoolean algebra. Examples of these individual laws of Boolean, rules and theorems for Boolean algebra are given in the following table.
The Laws of Boolean Boolean algebra As well as the logic symbols 0 and 1 being used to represent a digital input or output, we can also use them as constants for a permanently Open or Closed circuit or
More informationOn Qualitative Analysis of Fault Trees Using Structurally Persistent Nets
SUBMITTED TO IEEE TRANSACTIONS ON SYSTEMS, MAN, AND CYBERNETICS: SYSTEMS 1 On Qualitative Analysis of Fault Trees Using Structurally Persistent Nets Ricardo J. Rodríguez Member, IEEE Abstract A Fault Tree
More informationSequential Circuits Sequential circuits combinational circuits state gate delay
Sequential Circuits Sequential circuits are those with memory, also called feedback. In this, they differ from combinational circuits, which have no memory. The stable output of a combinational circuit
More informationLab #15: Introduction to Computer Aided Design
Lab #15: Introduction to Computer Aided Design Revision: 02 Nov 2016 Print Name: Section: GETTING FAMILIAR WITH YOUR BASYS3 DIGILAB BOARD. Problem 1: (26 points) Visually inspect the Digilab board, enter
More informationA GIS based Decision Support Tool for the Management of Industrial Risk
A GIS based Decision Support Tool for the Management of Industrial Risk S.A Karkanis and G.S.Bonanos Institute of Nuclear Technology - Radiation Protection, National Center for Scientific Research DEMOKRITOS,
More informationRequirements Validation. Content. What the standards say (*) ?? Validation, Verification, Accreditation!! Correctness and completeness
Requirements Validation Requirements Management Requirements Validation?? Validation, Verification, Accreditation!! Check if evrything is OK With respect to what? Mesurement associated with requirements
More informationNon-independence in Statistical Tests for Discrete Cross-species Data
J. theor. Biol. (1997) 188, 507514 Non-independence in Statistical Tests for Discrete Cross-species Data ALAN GRAFEN* AND MARK RIDLEY * St. John s College, Oxford OX1 3JP, and the Department of Zoology,
More informationComputing Consecutive-Type Reliabilities Non-Recursively
IEEE TRANSACTIONS ON RELIABILITY, VOL. 52, NO. 3, SEPTEMBER 2003 367 Computing Consecutive-Type Reliabilities Non-Recursively Galit Shmueli Abstract The reliability of consecutive-type systems has been
More information6.1 Dependability Modeling. General Rules. Analysis
Dependable Systems Winter term 2018/2019 Dependable Systems 6 th Chapter Quantitative Analysis - Structural Models Christine Jakobs Professur Betriebssysteme Dependability is an umbrella term for a set
More informationProbabilistic Risk Assessment
r Chapter 5 5.1 Introduction 5-1 5.1.1 Chapter Content This chapter presents a methodology for event analysis. DBAs, as discussed in the previous chapter, define the events to be analyzed for PSAs. Risk
More informationIntroduction to Model Checking. Debdeep Mukhopadhyay IIT Madras
Introduction to Model Checking Debdeep Mukhopadhyay IIT Madras How good can you fight bugs? Comprising of three parts Formal Verification techniques consist of three parts: 1. A framework for modeling
More information